1. Classical Encryption Techniques 1
BSIT-7th
Delivered by Inam ul Haq
Chapter 2 Cryptography and Network Security by William Stallings
2. Table of Contents
⢠2 Main Types of Encryption
⢠Symmetric Encryption
⢠Basic Terminologies
⢠Symmetric Cipher Model
⢠Cryptography & Cryptanalysis
⢠Brute Force Search
⢠Ciphers [Caesar, Monoalphabetic, ]
3. 2 Main Encryption Types
⢠Two main encryption types are
⢠Symmetric: the same key is used for
both encryption and decryption
⢠Asymmetric: different keys for
encryption and decryption, e.g. public-key
encryption such as RSA.
4. Symmetric Encryption
⢠Encryption and decryption keys are same
⢠Conventional / private-key / single-key
⢠Sender and recipient share a common key
⢠All classical encryption algorithms are private-
key
⢠First prior to invention of public-key in 1970âs
⢠Most widely used
5. Some Basic Terminology
⢠plaintext - original message
⢠ciphertext - coded message
⢠cipher - algorithm for transforming plaintext to ciphertext
⢠key - info used in cipher known only to sender/receiver
⢠encipher (encrypt) - converting plaintext to ciphertext
⢠decipher (decrypt) - recovering ciphertext from plaintext
⢠cryptography - study of encryption principles/methods
⢠cryptanalysis (codebreaking) - study of principles/ methods
of deciphering ciphertext without knowing key
⢠cryptology - field of both cryptography and cryptanalysis
7. Requirements
⢠Two requirements for secure use of
symmetric encryption:
â a strong encryption algorithm
â a secret key known only to sender / receiver
⢠mathematically:
Y = E(K, X)
X = D(K, Y)
⢠Assume encryption algorithm is known
⢠Implies a secure channel to distribute key
8. Cryptography
⢠Can characterize cryptographic system by:
â type of encryption operations used
⢠substitution
⢠transposition
⢠product
â number of keys used
⢠single-key or private
⢠two-key or public
â way in which plaintext is processed
⢠block
⢠stream
9. Cryptanalysis
⢠Objective to recover key not just message
⢠General approaches:
â cryptanalytic attack
â brute-force attack
⢠if either succeed all keys are compromised
10. Types of Attacks on Encrypted Messages
ď ciphertext only
ďŹonly know algorithm & ciphertext, is statistical, know or
can identify plaintext
ď known plaintext
ďŹknow/suspect plaintext & ciphertext
ď chosen plaintext
ďŹselect plaintext and obtain ciphertext
ď chosen ciphertext
ďŹselect ciphertext and obtain plaintext
ď chosen text
ďŹselect plaintext or ciphertext to en/decrypt
11. More Definitions
ďUnconditional security
ďŹno matter how much computer power or time is
available, the cipher cannot be broken since the
ciphertext provides insufficient information to
uniquely determine the corresponding plaintext
ďComputational security
ďŹgiven limited computing resources (eg time
needed for calculations is greater than age of
universe), the cipher cannot be broken
12. Brute Force Search
⢠Try every possible character (from dictionary)
⢠most basic attack, proportional to key size
⢠assume either know / recognise plaintext
4-Digits PIN < 1s
Upper+Lower+Number+Symbol <25s
6 characters 11hrs
7 characters 6 weeks
8 characters 5 months
9 characters 10 years
13. 1-Caesar Cipher
⢠Earliest known substitution cipher
⢠By Julius Caesar
⢠First attested use in military affairs
⢠Replaces each letter by 3rd letter on
⢠example:
14. 1-Caesar Cipher
1-Monoalphabetic substitution
â One table describes all substitutions
â Jump x step in the alphabet where 0 ⼠x ⼠26
â If x = 3 then the table below could be used for
encryption and decryption
â ROT 13 another Caesar cipher
15. Cryptanalysis of Caesar Cipher
ďonly have 26 possible ciphers
ďŹA maps to A,B,..Z
ďcould simply try each in turn
ďa brute force search
ďgiven ciphertext, just try all shifts of letters
ďdo need to recognize when have plaintext
ďeg. break ciphertext "GCUA VQ DTGCM"
16. 1-Caesar Cipher
⢠1-Monoalphabetic Cipher Security
⢠now have a total of 26! = 4 x 1026
keys
⢠with so many keys, might think is secure
⢠but would be !!!WRONG!!!
⢠problem is language characteristics
17. Language Redundancy and
Cryptanalysis
ď human languages are redundant
ď eg "th lrd s m shphrd shll nt wnt"
ď letters are not equally commonly used
ď in English E is by far the most common letter
ďŹfollowed by T, A, O, I
ď other letters like Z,J,Q,X are fairly rare
ď have tables of single, double & triple letter
frequencies for various languages
19. 2-Polyalphabetic Cipher
⢠Also substitution cipher
⢠Vigenère cipher is probably the best-known example
⢠Polyalphabetic cipher that uses a tableau of 26 alphabets
! Invented by⯠Blaise de Vigenère in the 16th century
⢠Encrypting a plaintext character:
! Lookup the column that corresponds to the current character inâŻ
the key
! Use the row that begins with the current plaintext characterâŻ
! Replace the plaintext character with the one highlighted by theâŻ
current column and row
! To decrypt, just reverse the procedureâŻ
21. 2-Polyalphabetic Cipher (Vigenère cipher)
⢠! Key phrase = âBoldtbol dtb oldtboldtââŻ
! Plaintext = âOverhead the albatrossââŻ
! Ciphertext = âPjpuafoo waf owetufzvlââŻ
! So, which keyword was used?âŻ
22. 3-Playfair Cipher
ďnot even the large number of keys in a
monoalphabetic cipher provides security
ďone approach to improving security was to
encrypt multiple letters
ďthe Playfair Cipher is an example
ďinvented by Charles Wheatstone in 1854, but
named after his friend Baron Playfair
23. Playfair Key Matrix
ďa 5X5 matrix of letters based on a keyword
ďfill in letters of keyword (filter duplicates)
ďfill rest of matrix with other letters
ďeg. using the keyword MONARCHY
MM OO NN AA RR
CC HH YY BB DD
EE FF GG I/JI/J KK
LL PP QQ SS TT
UU VV WW XX ZZ
24. Encrypting and Decrypting
⢠plaintext is encrypted two letters at a time
1. if a pair is a repeated letter, insert filler like 'Xâ
2. if both letters fall in the same row, replace each
with letter to right (wrapping back to start from
end)
3. if both letters fall in the same column, replace
each with the letter below it (wrapping to top
from bottom)
4. otherwise each letter is replaced by the letter in
the same row and in the column of the other letter
of the pair
25. Security of Playfair Cipher
ď Security much improved over monoalphabetic
ď Better than Vigenere cipher
ď Widely used for many years
ďŹeg. by US & British military in WW1
ď How to decipher?
ď Since still has much of plaintext structure
26. Exercise
â Can you make your cipher?
â How to decipher Playfair?
â How many times Caesar Cipher has been broken?
Editor's Notes
Lecture slides by Lawrie Brown for âCryptography and Network Securityâ, 5/e, by William Stallings, Chapter 2 â âClassical Encryption Techniquesâ.
Symmetric encryption, also referred to as conventional encryption or single-key encryption, was the only type of encryption in use prior to the development of public-key encryption in the 1970s. It remains by far the most widely used of the two types of encryption. All traditional schemes are symmetric / single key / private-key encryption algorithms, with a single key, used for both encryption and decryption. Since both sender and receiver are equivalent, either can encrypt or decrypt messages using that common key.
Briefly review some terminology used throughout the course.
Detail the five ingredients of the symmetric cipher model, shown in Stallings Figure 2.1:
plaintext - original message
encryption algorithm â performs substitutions/transformations on plaintext
secret key â control exact substitutions/transformations used in encryption algorithm
ciphertext - scrambled message
decryption algorithm â inverse of encryption algorithm
There are two requirements for secure use of conventional encryption that mean we assume that it is impractical to decrypt a message on the basis of the cipher- text plus knowledge of the encryption/decryption algorithm, and hence do not need to keep the algorithm secret; rather we only need to keep the key secret. This feature of symmetric encryption is what makes it feasible for widespread use. It allows easy distribution of s/w and h/w implementations.
Can take a closer look at the essential elements of a symmetric encryption scheme: mathematically it can be considered a pair of functions with: plaintext X, ciphertext Y, key K, encryption algorithm E, decryption algorithm D. The intended receiver, in possession of the key, is able to invert the transformation. An opponent, observing Y but not having access to K or X, may attempt to recover X or K.
Cryptographic systems can be characterized along these three independent dimensions.
The type of operations used for transforming plaintext to ciphertext. All encryption algorithms are based on two general principles: substitution, in which each element in the plaintext (bit, letter, group of bits or letters) is mapped into another element, and transposition, in which elements in the plaintext are rearranged. The fundamental requirement is that no information be lost (that is, that all operations are reversible). Most systems, referred to as product systems, involve multiple stages of substitutions and transpositions.
The number of keys used. If both sender and receiver use the same key, the system is referred to as symmetric, single-key, secret-key, or conventional encryption. If the sender and receiver use different keys, the system is referred to as asymmetric, two-key, or public-key encryption.
The way in which the plaintext is processed. A block cipher processes the input one block of elements at a time, producing an output block for each input block. A stream cipher processes the input elements continuously, producing output one element at a time, as it goes along.
Typically objective is to recover the key in use rather then simply to recover the plaintext of a single ciphertext. There are two general approaches:
Cryptanalysis: relies on the nature of the algorithm plus perhaps some knowledge of the general characteristics of the plaintext or even some sample plaintext- ciphertext pairs. This type of attack exploits the characteristics of the algorithm to attempt to deduce a specific plaintext or to deduce the key being used.
Brute-force attacks try every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained. On average,half of all possible keys must be tried to achieve success.
If either type of attack succeeds in deducing the key, the effect is catastrophic: All future and past messages encrypted with that key are compromised.
Stallings Table 2.1 summarizes the various types of cryptanalytic attacks, based on the amount of information known to the cryptanalyst, from least to most. The most difficult problem is presented when all that is available is the ciphertext only. In some cases, not even the encryption algorithm is known, but in general we can assume that the opponent does know the algorithm used for encryption. Then with increasing information have the other attacks. Generally, an encryption algorithm is designed to withstand a known-plaintext attack.
Two more definitions are worthy of note. An encryption scheme is unconditionally secure if the ciphertext generated by the scheme does not contain enough information to determine uniquely the corresponding plaintext, no matter how much ciphertext is available. An encryption scheme is said to be computationally secure if either the cost of breaking the cipher exceeds the value of the encrypted information, or the time required to break the cipher exceeds the useful lifetime of the information. Unconditional security would be nice, but the only known such cipher is the one-time pad (later).
For all reasonable encryption algorithms, we have to assume computational security where it either takes too long, or is too expensive, to bother breaking the cipher.
A brute-force attack involves trying every possible key until an intelligible translation of the ciphertext into plaintext is obtained. On average, half of all possible keys must be tried to achieve success. Stallings Table 2.2 shows how much time is required to conduct a brute-force attack, for various common key sizes (DES is 56, AES is 128, Triple-DES is 168, plus general mono-alphabetic cipher), where either a single system or a million parallel systems, are used.
Substitution ciphers form the first of the fundamental building blocks. The core idea is to replace one basic unit (letter/byte) with another. Whilst the early Greeks described several substitution ciphers, the first attested use in military affairs of one was by Julius Caesar, described by him in Gallic Wars (cf. Kahn pp83-84). Still call any cipher using a simple letter shift a caesar cipher, not just those with shift 3.
This mathematical description uses modulo (clock) arithmetic. Here, when you reach Z you go back to A and start again. Mod 26 implies that when you reach 26, you use 0 instead (ie the letter after Z, or 25 + 1 goes to A or 0).
Example: howdy (7,14,22,3,24) encrypted using key f (ie a shift of 5) is MTBID
With a caesar cipher, there are only 26 possible keys, of which only 25 are of any use, since mapping A to A etc doesn&apos;t really obscure the message! Note this basic rule of cryptanalysis &quot;check to ensure the cipher operator hasn&apos;t goofed and sent a plaintext message by mistake&quot;!
Can try each of the keys (shifts) in turn, until can recognise the original message. See Stallings Fig 2.3 for example of search.
Note: as mentioned before, do need to be able to recognise when have an original message (ie is it English or whatever). Usually easy for humans, hard for computers. Though if using say compressed data could be much harder.
Example &quot;GCUA VQ DTGCM&quot; when broken gives &quot;easy to break&quot;, with a shift of 2 (key C).
Note that even given the very large number of keys, being 10 orders of magnitude greater than the key space for DES, the monoalphabetic substitution cipher is not secure, because it does not sufficiently obscure the underlying language characteristics.
As the example shows, we don&apos;t actually need all the letters in order to understand written English text. Here vowels were removed, but they&apos;re not the only redundancy. cf written Hebrew has no vowels for same reason. Are usually familiar with &quot;party conversations&quot;, can hear one person speaking out of hubbub of many, again because of redundancy in aural language also. This redundancy is also the reason we can compress text files, the computer can derive a more compact encoding without losing any information. Basic idea is to count the relative frequencies of letters, and note the resulting pattern.
Note that all human languages have varying letter frequencies, though the number of letters and their frequencies varies. Stallings Figure 2.5 shows English letter frequencies. Seberry & Pieprzyk, &quot;Cryptography - An Introduction to Computer Security&quot;, Prentice-Hall 1989, Appendix A has letter frequency graphs for 20 languages (most European & Japanese & Malay). Also useful are tables of common two-letter combinations, known as digrams, and three-letter combinations, known as trigrams.
Consider ways to reduce the &quot;spikyness&quot; of natural language text, since if just map one letter always to another, the frequency distribution is just shuffled. One approach is to encrypt more than one letter at once. The Playfair cipher is an example of doing this, treats digrams in the plaintext as single units and translates these units into ciphertext digrams.
The best-known multiple-letter encryption cipher is the Playfair, which treats digrams in the plaintext as single units and translates these units into ciphertext digrams. The Playfair algorithm is based on the use of a 5x5 matrix of letters constructed using a keyword. The rules for filling in this 5x5 matrix are: L to R, top to bottom, first with keyword after duplicate letters have been removed, and then with the remain letters, with I/J used as a single letter. This example comes from Dorothy Sayer&apos;s book &quot;Have His Carcase&quot;, in which Lord Peter Wimsey solves it, and describes the use of a probably word attack.
Plaintext is encrypted two letters at a time,according to the rules as shown. Note how you wrap from right side back to left, or from bottom back to top.
if a pair is a repeated letter, insert a filler like &apos;X&apos;, eg. &quot;balloon&quot; encrypts as &quot;ba lx lo on&quot;
if both letters fall in the same row, replace each with letter to right (wrapping back to start from end), eg. âar&quot; encrypts as &quot;RM&quot;
if both letters fall in the same column, replace each with the letter below it (again wrapping to top from bottom), eg. âmu&quot; encrypts to &quot;CM&quot;
otherwise each letter is replaced by the one in its row in the column of the other letter of the pair, eg. âhs&quot; encrypts to &quot;BP&quot;, and âea&quot; to &quot;IM&quot; or &quot;JM&quot; (as desired)
Decrypting of course works exactly in reverse. Can see this by working the example pairs shown, backwards.
The Playfair cipher is a great advance over simple monoalphabetic ciphers, since there are 26*26=676 digrams (vs 26 letters), so that identification of individual digrams is more difficult. Also,the relative frequencies of individual letters exhibit a much greater range than that of digrams, making frequency analysis much more difficult. The Playfair cipher was for a long time considered unbreakable. It was used as the standard field system by the British Army in World War I and still enjoyed considerable use by the U.S.Army and other Allied forces during World War II. Despite this level of confidence in its security, the Playfair cipher is relatively easy to break because it still leaves much of the structure of the plaintext language intact. A few hundred letters of ciphertext are generally sufficient.